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I CLAIM 

1 . A data processing apparatus, comprising: 

5 a processor operable in a plurality of modes and a plurality of domains, said 

plurality of domains comprising a secure domain and a non-secure domain, said plurality 
of modes including at least one non-secxire mode being a mode in the non-secure domain, 
at least one secxire mode being a mode in the secure domain, and a monitor mode, said 
processor being operable such that when executing a program in a secure mode said 
10 program has access to secure data which is not accessible when said processor is 
operating in a non-secure mode; 

a storage unit operable to store processor configuration data; 
said processor being operable at least partially in said monitor mode to execute 
a monitor program to manage switching between said secure domain and said non- 
15 secure domain, said switching including switching the processor configuration data in 
the storage unit between secure processor configuration data and non-secure processor 
configuration data; 

when in said monitor mode, said monitor program being operable to use 
monitor mode specific processor configuration data, thereby ensuring that operation of 
20 the processor in said monitor mode is unaffected by the switching of the processor 
configuration data. 

2. A data processing apparatus as claimed in Claim 1, wherein said processor 
configuration data is operable to control access to memory by the processor. 

25 

3. A data processing apparatus as claimed in Claim 2, wherein the memory is 
operable to store data required by the processor and comprises secure memory for storing 
the secure data and non-secure memory for storing non-secure data, said processor 
configuration data comprising memory permission data identifying whether the 

30 processor is allowed to access said secure data. 
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4. A data processing apparatus as claimed in Claim 2, wherein said processor 
configuration data comprises memory space configuration data identifying which areas of 
memory are accessible by the processor. 

5 5. A data processing apparatus as claimed in Claim 4, wherein said memory 
includes a tightly coupled memory, and said memory space configuration data includes 
data for controlling the processor's access to said tightly coupled memory, 

6. A data processing apparatus as claimed in Claim 4, wherein said memory 
10 includes a cache, and said memory space configuration data includes data for controlling 

the processor's access to said cache. 

7. A data processing apparatus as claimed in Claim 1, wherein said storage imit 
comprises one or more system configuration registers. 

15 

8. A data processing apparatus as claimed in Claim 1, wherein said monitor mode 
specific processor configuration data is hard-coded. 

9. A data processing apparatus as claimed in Claim 1 , further comprising: 

20 selection logic operable to select between said processor configuration data stored 

in the storage unit and said monitor mode specific processor configuration data in 
dependence on a control signal identifying whether the processor is operating in said 
monitor mode. 

25 10. A data processing apparatus as claimed in Claim 1, wherein in said at least one 
non-secure mode the processor is operable under the control of a non-secure operating 
system and in said at least one secure mode the processor is operable under the control of 
a secure operating system. 

30 11. A data processing apparatus as claimed in Claim 3, wherein said monitor mode 
specific processor configuration data comprises memory permission data that indicates 
that the processor is allowed to access said secure data in said monitor mode. 
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12. A data processing apparatus as claimed in Claim 2, further comprising: 

a memory management unit operable, upon receipt of a memory access request 
from the processor, to perform one or more predetermined access control functions to 
5 control issuance of the memory access request to the memory; 

said monitor mode specific processor configuration data indicating that said 
memory management unit is disabled in said monitor mode. 

13. A data processing apparatus as claimed in Claim 2, wherein said memory 
10 includes a cache, and said monitor mode specific processor configuration data indicates 

that the processor is not allowed to use said cache to access data in said monitor mode. 

14. A data processing apparatus as claimed in Claim 11, wherein at least a portion of 
said monitor mode specific processor configuration data is derived from the secure 

1 5 processor configuration data. 

15. A method of managing processor configuration data in a data processing 
apparatus comprising a processor operable in a plurality of modes and a plurality of 
domains, said plurality of domains comprising a secure domain and a non-secure domain, 

20 said plurality of modes including at least one non-secure mode being a mode in the 
non-secure domain, at least one secure mode being a mode in the secure domain, and a 
monitor mode, said processor being operable such that when executing a program in a 
secure mode said program has access to secure data which is not accessible when said 
processor is operating in a non-secure mode, said method comprising the steps of: 

25 executing on said processor at least partially in said monitor mode a monitor 

program to manage switching between said secure domain and said non-secure 
domain, including performing the step of switching the processor configuration data 
between secure processor configuration data and non-secure processor configuration 
data; 

30 when in said monitor mode, said monitor program using monitor mode specific 

processor configuration data, thereby ensuring that operation of the processor in said 
monitor mode is unaffected by the switching of the processor configuration data. 
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16. A method as claimed in Claim 15, wherein said processor configuration data is 
operable to control access to memory by the processor. 

17. A method as claimed in Claim 16, wherein the memory is operable to store data 
required by the processor and comprises secure memory for storing the secure data and 
non-secure memory for storing non-secure data, said processor configuration data 
comprising memory permission data identifying whether the processor is allowed to 
access said secure data. 

18. A method as claimed in Claim 16, wherein said processor configuration data 
comprises memory space configuration data identifying which areas of memory are 
accessible by the processor. 

19. A method as claimed in Claim 18, wherein said memory includes a tightly 
coupled memory, and said memory space configuration data includes data for controlling 
the processor's access to said tightly coupled memory. 

20. A method as claimed in Claim 18, wherein said memory includes a cache, and 
said memory space configuration data includes data for controlling the processor's access 
to said cache. 

21. A method as claimed in Claim 15, further comprising the step of storing said 
processor configuration data in one or more system configuration registers, 

22. A method as claimed in Claim 15, wherein said monitor mode specific processor 
configuration data is hard-coded. 

23. A method as claimed in Claim 15, further comprising the step of: 

selecting between said processor configuration data and said monitor mode 
specific processor configuration data in dependence on a control signal identifying 
whether the processor is operating in said monitor mode. 
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24. A method as claimed in Claim 15, wherein in said at least one non-secure mode 
the processor is operable under the control of a non-secure operating system and in said at 
least one secure mode the processor is operable under the control of a secure operating 
system. 

25. A method as claimed in Claim 17, wherein said monitor mode specific processor 
configuration data comprises memory permission data that indicates that the processor is 
allowed to access said secure data in said monitor mode. 

26. A method as claimed in Claim 16, further comprising the step of: 

upon receipt of a memory access request fi-om the processor, employing a 
memory management unit to perform one or more predetermined access control fimctions 
to control issuance of the memory access request to the memory; 

said monitor mode specific processor configuration data indicating that said 
memory management unit is disabled in said monitor mode. 

27. A method as claimed in Claim 16, wherein said memory includes a cache, and 
said monitor mode specific processor configuration data indicates that the processor is 
not allowed to use said cache to access data in said monitor mode. 

28. A method as claimed in Claim 25, wherein at least a portion of said monitor mode 
specific processor configuration data is derived fi-om the secure processor configuration 
data. 

29. A computer program operable to configure a processor in a data processing 
apparatus to manage processor configuration data, the processor being operable in a 
plurality of modes and a pluraHty of domains, said plurality of domains comprising a 
secure domain and a non-secure domain, said plurality of modes including at least one 
non-secure mode being a mode in the non-secure domain, at least one secure mode 
being a mode in the secure domain, and a monitor mode, said processor being operable 
such that when executing a program in a secure mode said program has access to 
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secure data which is not accessible when said processor is operating in a non-secure 
mode, said computer program being operable to perform the steps of: 

whilst at least partially in said monitor mode, managing switching between said 
secure domain and said non-secure domain, including performing the step of switching 
the processor configuration data between secure processor configuration data and non- 
secvire processor configuration data; and 

when in said monitor mode, using monitor mode specific processor 
configuration data, thereby ensuring that operation of the processor in said monitor 
mode is unaffected by the switching of the processor configuration data. 



30. A computer program product carrying a computer program as claimed in Claim 
29. 



